Vulnerabilities > CVE-2006-6665 - Buffer Overflow vulnerability in AstonSoft DeepBurner DBR Compilation

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
astonsoft
exploit available
metasploit
NVD
Published: 2006-12-20
Updated: 2017-10-19

Summary

Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.

Vulnerable Configurations

Part Description Count
Application
Astonsoft
2

Exploit-Db

  • descriptionDeepBurner 1.8.0 .dbr File Parsing Buffer Overflow Exploit. CVE-2006-6665. Local exploit for windows platform
    fileexploits/windows/local/2950.c
    idEDB-ID:2950
    last seen2016-01-31
    modified2006-12-19
    platformwindows
    port
    published2006-12-19
    reporterExpanders
    sourcehttps://www.exploit-db.com/download/2950/
    titleDeepBurner 1.8.0 - .dbr File Parsing Buffer Overflow Exploit
    typelocal
  • descriptionAstonSoft DeepBurner (DBR File) Path Buffer Overflow. CVE-2006-6665. Local exploit for windows platform
    idEDB-ID:16675
    last seen2016-02-02
    modified2010-09-20
    published2010-09-20
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16675/
    titleAstonSoft DeepBurner DBR File Path Buffer Overflow

Metasploit

descriptionThis module exploits a stack-based buffer overflow in versions 1.9.0.228, 1.8.0, and possibly other versions of AstonSoft's DeepBurner (Pro, Lite, etc). An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded DBR file within a browser, since the DBR extension is registered to DeepBurner.
idMSF:EXPLOIT/WINDOWS/FILEFORMAT/DEEPBURNER_PATH
last seen2020-03-09
modified2017-09-14
published2010-02-03
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6665
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/fileformat/deepburner_path.rb
titleAstonSoft DeepBurner (DBR File) Path Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/85992/deepburner_path.rb.txt
idPACKETSTORM:85992
last seen2016-12-05
published2010-02-05
reporterExpanders
sourcehttps://packetstormsecurity.com/files/85992/AstonSoft-DeepBurner-DBR-File-Path-Buffer-Overflow.html
titleAstonSoft DeepBurner (DBR File) Path Buffer Overflow

References